[WARNING: Scam site]Found a site which is looks just like SF site, and we are also its members??

Due to you'r chosen career you have much more expertise wit this type issue than the average Joe... so if it is a database clone... what risks (if any) coud that pose to Sciforums members... an what actions (if any) do you thank Sciforums members shoud take???

 

Log in or Sign up to hide all adverts.

anything that one submits-- i am telling everyone-- they have everything. i am saying this from the little experiments i have done with that site. but oh well, i have nothing on here that will hamper me in anyway.

(LIM)--it will never matter since EVERYTHING is being transferred to it.

 

Log in or Sign up to hide all adverts.

There's nothing you CAN do.
Once the pods are fully ripe and our replacements are ready to take our place it's too late.

 

Log in or Sign up to hide all adverts.

Nice for you... what about ME an my embrassin PM's that might get posted

Please Register or Log in to view the hidden image!

 

Well... at least i can try an mitigate damages.!!!
To whome it may concern:::

In the PM whare i called someone "creepy"... i was just expressin my true feelins.!!!

HTH <------

 

1) Don't use that site.
2) Don't panic.

Based on the evidence at http://www.sarahdream.com/encyclopedia/index.php/Main_Page it LOOKS like nothing much more is going than a reverse caching proxy + rewrite of pages. Notice that the IP given at top of page is not your IP as one would expect from a fully-functional copy, but instead is the IP address of www.sarahdream.com.

Likewise, they don't gzip-compress the web traffic, and are nginx-based as opposed to Apache-based.

Thus there is no evidence that non-public content, including database access, has been accessed.

However... because it is a proxy, there is also no evidence that it is not harvesting your login information if you choose to log in at that site.

Also, there is an ad inserted on the main page, which may try and load malware just by viewing the image, so do not click and do not go to the page.
<br><p align="center"><a href="http://www.anrdoezrs.net/click-8029162-10641872-1440771929000" target="_top"> <img src="http://www.awltovhc.com/image-8029162-10641872-1440771929000" width="120" height="240" alt="AVG Internet Security " border="0"/></a></p><br>

Both URLs are registered by markmonitor.com which is its own registrar (!!) and claims to be anti-phishing -- so it MAY be a bad actor or it MAY be part of a pitch to demonstrated phishing. The serial redirects suggest the former -- the fact that all URLs point to domains registered to ValueClick or https://en.wikipedia.org/wiki/Conversant suggest the latter. No reason it can't be both.

Don't use that site.

 

Information is so wild and unruly.

I care. I think it's hilarious. I wanna know what he said about who!

 

Hard to say without the ability to really dig into it... I would suggest acting as though they were able to get a full image of Sciforums.com (ergo, change your password here, if you use the same password or username elsewhere, change that password as well). and obviously do not attempt to log into that site.

It is interesting... it is updating every so often, but not in real time (or even every few minutes - my guess is once an hour or so?) - certain bits of info, like the online users, the profile post sidebar, etc suggest exactly what rpenner said - a simple "catch and display" of what is happening here. To what end... well, that is anyone's guess.

 

Thanks.!!!
That its prolly a simple "catch and display" is a relief... an at least this issue is a good reminder not to use the same password for other sites... especialy important sites.!!!

 

I have feelins... ya know

Please Register or Log in to view the hidden image!

 

It is hilarious

Please Register or Log in to view the hidden image!

but it cant be posted publicaly so i will make it known by PM to those interested.!!!

 

Thanks... i thank we all feel beter after readin Kitts last reply

Please Register or Log in to view the hidden image!

 

Just bare in mind - this is all speculation on my part. Plazma Inferno or someone with access to the back-end servers would be the ones best able to make sure nothing more malicious is at play

Please Register or Log in to view the hidden image!

EDIT - Actually... I just thought of something. I have registered a second account here, a throwaway account, to a throwaway email address and a generic password not associated with any of my other accounts.

Going to try and sign in on that spoof site and see if it works - that should tell me if they are somehow able to get account information (it obviously won't tell me if they have been able to get it in the past, but it's the best I got). If that account works over there... well, we'll know we have a problem

Please Register or Log in to view the hidden image!

I'll report my findings tomorrow, probably around 6pm or so (once I'm back from work)

 

I consider3d doin that but didnt want any "sock" issues... shoud be interistin.!!!

Edit:::

I went to the other site right after i posted here an my post was thar also.!!!

Ive done this twice... so if its just makin "cache copies" of this site its doin it perty often.!!!

 

A simple web-crawler bot can trawl the site and update every few minutes (such as Google's spider-bot)

 

I figered ther was some sort of program to do it... but its doin it in less than 30 seconds... mayb ther jus that fast.!!!

 

Well... shit... I guess I can't test my theory lol... the registration email for the throwaway account never came...

 

Bummer... signin up for an email acount can be hard... an besides... the answr you'r experiment provided might have been scary anyhow.!!!

In the meantime... to the owner of the fake Sci forums:::

If you do have my private information... contact me an i will offer money not to publish my embrassin stuff.!!!